Todd Soderstrom's repositories
Azure-Sentinel-Notebooks
Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.
koadic
Koadic C3 COM Command & Control - JScript RAT
DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
OSINT-Framework
OSINT Framework
CrackMapExec
A swiss army knife for pentesting networks
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
docker-splunk
Splunk Docker GitHub Repository
gogen
Highly configurable and scalable data generator for testing or demo data
eventgen
Splunk Event Generator: Eventgen
BloodHound.py
A Python based ingestor for BloodHound
Cheatsheet-God
Penetration Testing / OSCP Biggest Reference Bank / Cheatsheet
splunk-eventgen-guide
Tutorial for Medium Post
osquery-configuration
A repository for using osquery for incident detection and response
windows-event-forwarding
A repository for using windows event forwarding for incident detection and response
auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
crt.sh
(Unofficial) Python API for https://crt.sh
ansible-human_log
This Ansible callback plugin for human-readable result logging for Ansible 1.9/2.0-2.4.
powerline
Powerline is a statusline plugin for vim, and provides statuslines and prompts for several other applications, including zsh, bash, tmux, IPython, Awesome and Qtile.
ansible-kubernetes-openshift-pi3
Ansible playbooks for setting up a Kubernetes Raspberry Pi 3 cluster
AutoNessus
This script communicates with the Nessus API in an attempt to help with automating scans. Depending on the flag issued with the script, you can list all scans, list all policies, start, stop, pause, and resume a scan.
mac-dev-playbook
Mac setup and configuration via Ansible.
ModLogin
Quickly check credentials against multiple websites and identify instances of credential reuse